The revelation that a Raspberry Pi helped enable an April 2018 hack of JPL arrived courtesy of the U.S. Office of the Inspector General (OIG) on June 18. OIG said in its report that JPL “has experienced several notable cybersecurity incidents that have compromised major segments of its IT network” in the last decade, with the April 2018 hack being “used to steal approximately 500 megabytes of data from one of its major mission systems.”..

https://www.tomshardware.com/news/nasa-hacked-raspberry-pi-cyber-security,39690.html

A new phishing campaign is underway that pretends to be a list undelivered email being held for you on your Outlook Web Mail service. Users are then prompted to decide what they wish to do with each mail, with the respective links leading to a fake login form…

https://www.bleepingcomputer.com/news/security/new-phishing-scam-asks-you-to-manage-your-undelivered-email/

A new cryptojacking campaign was spotted by experts at Trend Micro, crooks are using Shodan to scan for Docker hosts with exposed APIs.
Threat actors are using the popular Shodan search engine to find Docker hosts and abuse them in a crypojacking campaign. Attackers leverage self-propagating Docker images infected with Monero miners and scripts that use of Shodan to find other vulnerable installs and compromise them…

https://securityaffairs.co/wordpress/86417/malware/cryptojacking-campaign-docker.html

Around 20% of the top 1,000 most popular Docker containers on the Docker Hub portal are impacted by a misconfiguration that can expose users systems to attacks, under certain conditions.

The flaw is similar to the one that impacted the official Alpine Linux Docker container last week when Cisco Talos researchers found that Alpine Linux Docker images released in the past three years came with an active root account that used a blank password…

https://www.zdnet.com/article/root-account-misconfigurations-found-in-20-of-top-1000-docker-containers/

Microsoft patched today a critical Remote Code Execution (RCE) vulnerability found in the Remote Desktop Services (RDS) platform which can allow malicious actors to create malware designed to propagate between computers running vulnerable RDS installations…

https://www.bleepingcomputer.com/news/security/microsoft-fixes-critical-remote-desktop-flaw-blocks-worm-malware/

Google today disclosed a security bug in its Bluetooth Titan Security Key that could allow an attacker in close physical proximity to circumvent the security the key is supposed to provide. The company says the bug is due to a “misconfiguration in the Titan Security Keys’ Bluetooth pairing protocols” and that even the faulty keys still protect against phishing attacks. Still, the company is providing a free replacement key to all existing users…

https://techcrunch.com/2019/05/15/google-recalls-its-bluetooth-titan-security-keys-because-of-a-security-bug/amp/#referrer=https%3A%2F%2Fwww.google.com&_tf=From%20%251%24s

Amazon’s Alexa Guard feature is now rolling out in the US, following an invite-only preview that lasted a few months. This free update lets your Echo speaker listen for signs of danger in your home while you’re away. Sounds like glass breaking (caused by a burglar or a moody cat) or a smoke alarm going off will trigger Alexa to send out Smart Alerts consisting of audio clips. If your Echo has a built-in camera, it will show a direct video feed into your home…

https://www.theverge.com/2019/5/14/18618098/alexa-guard-amazon-echo-speaker-security-feature

WhatsApp on Tuesday encouraged its users to upgrade the app after a security breach allowed sophisticated attackers to sneak spyware into phones, in the latest headache for parent company Facebook.
The vulnerability — first reported by the Financial Times, and fixed in the latest WhatsApp update — allowed hackers to insert malicious software on phones by calling the target using the app, which is used by 1.5 billion people around the world…

https://www.news.com.au/technology/online/hacking/whatsapp-urges-upgrade-after-serious-security-breach-allowed-hackers-to-put-spyware-on-phones/news-story/2b42521cfdb68fca9841a25875dfa7df